Himalayas logo
AmerisourceBergenAM

Sr. Director, Information Security

Cencora, formerly AmerisourceBergen, is a global pharmaceutical sourcing and distribution services company, partnering with healthcare providers and pharmaceutical manufacturers to improve product access and patient care. It was formed in 2001 and rebranded in 2023.

AmerisourceBergen

Employee count: 5000+

United States only

Stay safe on Himalayas

Never send money to companies. Jobs on Himalayas will never require payment from applicants.

Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today!

Job Details

Summary:

This role is responsible for building strong partnerships with business units, other corporate support functions, and the user community to protect the corporate brand, data, and assets and is responsible for the design, implementation, operation, and maintenance of an information security framework, processes, and systems, that protect the business, services, information and systems against unauthorized use, disclosure, modification, damage, and loss. Senior Directors are the leaders of Business Information Security Strategy and deliver security and compliance services for an assigned business segment while also leading an ISO center of excellence. They implement processes and controls, identify risks, protect information, and infrastructure, and lead at least one ISO center of excellence including assessments privacy services, data grooming processes, and strategic, operational, and financial responsibility for the development, implementation, and delivery of appropriate security services and solutions. They establish a vision and strategy, lead planning and execution of security architecture, application security, data security, and infrastructure security, and ensure effective information security practices and awareness organization-wide.

Our employee experience is a strategic priority for our company. Our leaders are accountable for leading with purpose, fairness, and equity. They are responsible for building and developing diverse teams, maintaining a safe and inclusive environment, setting clear priorities, and holding self and team accountable for executing with excellence.

Responsibilities include:

  • Leads the implementation and management of appropriate controls and processes that ensure organizational compliance to regulatory and contractual obligations (e.g. Sarbanes-Oxley, ISO 27001, NIST Cyber Security Framework (NIST CSF), HIPAA, PHI, PCI, etc.)

  • Establishes wide-ranging business relationships to understand business unit security needs in order to appropriately prioritize security engagements and acts as the key contact for all security efforts within a business segment and assists with prioritization of ISO efforts

  • Establishes and leads at least one center of excellence within ISO to provide continuous process improvement and standardization

  • Leads the implementation and operation of the information security governance model for a major division and establishes and maintains relationships with key business unit leaders and senior staff to identify information security policies and key business assets along with associated threats, standards, and procedures and architects the appropriate and cost-effective security measures into the model

  • Assess risks of all nature, internal and external, and provides intelligence and direction and actionable decision-making, to protect the corporate brand, data and assets

  • Acts as the trusted advisor for security, risk, compliance and governance matters and supports the enablement of business segment security capabilities via balanced risk decisions

  • Sets goals/KPIs, creates budget and manages the overall performance of the Information Security Strategy team

  • Establishes a vision and strategy, leads planning and execution of security architecture, application security, could security, data security, and infrastructure

  • Manages security architecture, cyber resiliency and risk and compliance resources with business objectives in order to ensure security is applied appropriately and prioritized based on risk

  • Delivers security services (architecture, risk/compliance/DR/etc.) for numerous business and IT-lead projects running in parallel

  • Leads, develops and mentors teams of Information Security Strategy and IS IT Risk Management professionals as well as contractors, vendors and services providers

  • Guides and consults IT executives and business leaders regarding risks to information security and business operations as well as the necessary corporate responsibilities required to mitigate those risks throughout the enterprise

  • Builds appropriate metrics and KPIs and provides regular reporting on the information security program maturity, risk posture and management, and regulatory compliance

  • Works closely with the VP of Information Security Strategy to define a quantitative framework for assessing risks and providing balanced guidance to IT and business teams

  • Owns strategy and vision for IT enterprise security, application security, vulnerability management and incident management, including owning and maintaining all security policies and procedures for a growth stage biotechnology company

  • Oversees and administers the cyber security policy, works in conjunction with the SOC team to identify security incidents and report incidents to leadership and human resources

  • Ensures reports and data are utilized in regulatory reporting are completed in the required timelines and reports are prepared and submitted to appropriate agencies and stakeholders

  • Follows information security trends within and outside of work with executive leadership to strategize and recommend changes and updates to company

Qualifications include:

Education:

  • Master’s Degree in Business Administration, Computer Science, Information Technology or any other related discipline or equivalent related experience.

Preferred Certifications:

  • Certified Information Systems Auditor (CISA)

  • Certified Information Systems Security Professional (CISSP)

  • Certification in Information Security Strategy Management (CISM)

  • Information Technology Infrastructure Library (ITIL)

  • Offensive Security Certified Professional (OSCP)

  • Project Management Professional (PMP) Certification

Experience:

  • 12+ years of directly-related or relevant experience with 8+ years in a managerial capacity, preferably in information security.

Behavioral Skills:

  • Coaching and Mentoring

  • Creativity & Innovation

  • Decision Making

  • Leadership Skills

  • People Management

  • Planning

  • Risk-taking

Technical Skills:

  • IT Risk Management

  • IT Controls

  • Cyber Attack Mitigation

  • Enterprise IT Management

  • Network Security

  • Service Level Maintenance

  • Information Security Strategy Continuity

  • Threat Modelling

  • Information Security Strategy Standards (SOX, ISO 27001/27002, COBIT, ITIL, NIST, PCI)

Tools Knowledge:

  • Microsoft Office Suite

  • Security Tools - SIEM, EDR, Email Security Gateway, SOAR, Firewall, Anti-virus, Firewalls, VPN IDS/IPS, AV, proxies, etc.

  • Security Testing Tools - Open Source and COTS security tools

  • Threat Intelligence Tools

  • Vulnerability Testing Tools

What Cencora offers

We provide compensation, benefits, and resources that enable a highly inclusive culture and support our team members’ ability to live with purpose every day. In addition to traditional offerings like medical, dental, and vision care, we also provide a comprehensive suite of benefits that focus on the physical, emotional, financial, and social aspects of wellness. This encompasses support for working families, which may include backup dependent care, adoption assistance, infertility coverage, family building support, behavioral health solutions, paid parental leave, and paid caregiver leave. To encourage your personal growth, we also offer a variety of training programs, professional development resources, and opportunities to participate in mentorship programs, employee resource groups, volunteer activities, and much more. For details, visit https://www.virtualfairhub.com/cencora

Full time

Equal Employment Opportunity

Cencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law.

The company’s continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory.

Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call 888.692.2272 or email hrsc@cencora.com. We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned

Affiliated Companies

Affiliated Companies: AmerisourceBergen Services Corporation

About the job

Apply before

Posted on

Job type

Full Time

Experience level

Senior
Director

Location requirements

United States

Hiring timezones

United States +/- 0 hours

Job categories

Director of Information SecuritySenior Data Security DirectorSenior Director Of SecurityDirector Of Data SecurityIT Security DirectorVice President Of Information SecurityDirector Of CybersecurityHead of Information Security

Skills

Security ArchitectureApplication SecurityData SecurityInfrastructure SecurityIT Risk ManagementVulnerability ManagementIncident ManagementSecurity GovernanceInformation Security StrategySecurity PoliciesSIEMEDRSOAR

About AmerisourceBergen

Learn more about AmerisourceBergen and their company culture.

View company profile

Cencora, formerly known as AmerisourceBergen Corporation, stands as a prominent global pharmaceutical solutions organization. The company was formed in 2001 through the merger of AmeriSource Health Corporation and Bergen Brunswig. Operating with a clear purpose, Cencora is dedicated to creating healthier futures by improving the accessibility and efficiency of pharmaceutical development and delivery worldwide. The organization partners extensively with pharmaceutical innovators, healthcare providers, and pharmacies across the entire value chain. This collaboration aims to optimize market access for therapies, ensuring that medications reach patients effectively and reliably.

With a significant global presence, Cencora employs a substantial workforce of over 46,000 team members. These individuals contribute to positive health outcomes by facilitating the secure and dependable delivery of pharmaceuticals, healthcare products, and comprehensive solutions. The company's operations span numerous countries, including major distribution networks in the United States and Canada, as well as packaging facilities in the U.S. and the United Kingdom. Cencora's core business revolves around pharmaceutical distribution, but it has strategically expanded its platform to include a wide array of pharma and biopharma services. These services are designed to support pharmaceutical innovation, from pre-commercialization and clinical trial stages to broad market availability and patient adherence programs. The company handles a significant portion of all pharmaceuticals sold and distributed in the United States and serves a diverse clientele, including acute care hospitals, retail pharmacies, medical clinics, and veterinary practices. In August 2023, AmerisourceBergen officially rebranded to Cencora, a name chosen to reflect its unified global presence and its central role in healthcare.

Employee benefits

Learn about the employee benefits and perks provided at AmerisourceBergen.

View benefits

Vision insurance

Vision care benefits.

401(K)

Retirement savings plan.

Dental insurance

Dental coverage for employees.

Company equity

Opportunity for company equity.

View AmerisourceBergen's employee benefits
Claim this profileAmerisourceBergen logoAM

AmerisourceBergen

Company size

5000+ employees

Founded in

2001

Chief executive officer

Robert P. Mauch

Markets

Pharmaceutical DistributionBiopharmaceutical ServicesClinical Trial SupportPatient Adherence ProgramsPharmaceutical PackagingVeterinary HealthcareHealthcare LogisticsPharmaceutical Supply ChainHealthcare ServicesGlobal Health Solutions

Employees live in

United States
View company profile

Similar remote jobs

Here are other jobs you might want to apply for.

View all remote jobs

168 remote jobs at AmerisourceBergen

Explore the variety of open remote roles at AmerisourceBergen, offering flexible work options across multiple disciplines and skill levels.

View all jobs at AmerisourceBergen
Top remote companies

Remote companies like AmerisourceBergen

Find your next opportunity by exploring profiles of companies that are similar to AmerisourceBergen. Compare culture, benefits, and job openings on Himalayas.

View all companies

Find your dream job

Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan
Save
Apply now
AmerisourceBergen hiring Sr. Director, Information Security • Remote (Work from Home) | Himalayas